flusity-CMS
by flusity
CVEs (25)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-33442 | Med | 0.28 | 4.3 | 0.01 | May 1, 2024 | An issue in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via the add_post.php component. | ||
| CVE-2024-25410 | Med | 0.00 | 6.5 | 0.01 | Feb 26, 2024 | flusity-CMS 2.33 is vulnerable to Unrestricted Upload of File with Dangerous Type in update_setting.php. | ||
| CVE-2023-5811 | Low | 0.00 | 2.4 | 0.01 | Oct 27, 2023 | A vulnerability, which was classified as problematic, was found in flusity CMS. Affected is the function loadPostAddForm of the file core/tools/posts.php. The manipulation of the argument menu_id leads to cross site scripting. It is possible to launch the attack remotely. The… | ||
| CVE-2023-5810 | Low | 0.00 | 2.4 | 0.00 | Oct 27, 2023 | A vulnerability, which was classified as problematic, has been found in flusity CMS. This issue affects the function loadPostAddForm of the file core/tools/posts.php. The manipulation of the argument edit_post_id leads to cross site scripting. The attack may be initiated… | ||
| CVE-2023-5793 | Low | 0.00 | 3.5 | 0.00 | Oct 26, 2023 | A vulnerability was found in flusity CMS and classified as problematic. This issue affects the function loadCustomBlocCreateForm of the file /core/tools/customblock.php of the component Dashboard. The manipulation of the argument customblock_place leads to cross site scripting.… |
- risk 0.28cvss 4.3epss 0.01
An issue in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via the add_post.php component.
- risk 0.00cvss 6.5epss 0.01
flusity-CMS 2.33 is vulnerable to Unrestricted Upload of File with Dangerous Type in update_setting.php.
- risk 0.00cvss 2.4epss 0.01
A vulnerability, which was classified as problematic, was found in flusity CMS. Affected is the function loadPostAddForm of the file core/tools/posts.php. The manipulation of the argument menu_id leads to cross site scripting. It is possible to launch the attack remotely. The…
- risk 0.00cvss 2.4epss 0.00
A vulnerability, which was classified as problematic, has been found in flusity CMS. This issue affects the function loadPostAddForm of the file core/tools/posts.php. The manipulation of the argument edit_post_id leads to cross site scripting. The attack may be initiated…
- risk 0.00cvss 3.5epss 0.00
A vulnerability was found in flusity CMS and classified as problematic. This issue affects the function loadCustomBlocCreateForm of the file /core/tools/customblock.php of the component Dashboard. The manipulation of the argument customblock_place leads to cross site scripting.…
Page 2 of 2